SEED Labs 2.0: A Hands-on Approach in Cybersecurity Education

Post on 21-Jun-2022


SEED Labs 2.0: A Hands-on Approach in Cybersecurity Education

Wenliang (Kevin) Du, Ph.D.

Laura J. and L. Douglas Meredith Professor
Dept. of Electrical Eng. & Computer Science
Syracuse University
Email: wedu@syr.edu

Outline

Hands-on Learning

SEED Labs (20 years of work)

Related SEED Projects

Hands-on Learning

Labs in classroom

Real-world problem solving

Cyber Range

Kali Linux and SEED Labs

Objectives of SEED Project

Cost

• Free

• No need for dedicated hardware

Quality

• Engaging activities

• Focus on education

Coverage

• Fundamental principles

• Classic & current attacks

Efficiency

• Focused

• Minimize non-essential activities

Project Phases

2002 – 2005

Proof-of-Concept

NSF $75,000

2007 – 2012

Growing

NSF $450,000

2013 – 2019

Dissemination

NSF $860,000

2020 –

Future

• Open source
• Training
• New ideas

Adoption (2018.4 – 2021.3)

More than 1000 institutes

Users in France

Adoption

• Universities/colleges
• High schools
• State-wide adoption: Virginia Cyber Range
• Company’s internal training, interviews
• Military and law enforcement

Army (West Point), Air Force, Navy, Coast Guard Academy, FBI

Cyber Protection Battalion

Lab Environment

SEED Labs

Android Linux (Ubuntu)

Host OS (Windows, Linux, Mac)

Ubuntu 20.04 (64-bit)

SEED Labs 2.0

Personal Computer

Cloud

Computer Lab

• Amazon AWS
• Google Cloud
• Microsoft Azure
• DigitalOcean
• Alibaba Cloud

Lab Deployment

Cloud Deployment (Using VNC)

• Using tablet
• Using smartphone
• Using Raspberry Pi

Using Containers in SEED Labs 2.0

Using Containers

Network Topology I

Network Topology II

A Complex Example

Close to 40 Labs

9 14 4

2 8 2

https://seedsecuritylabs.org

Three Types of Labs

• Attack Labs
• Exploration Labs
• Design and Implementation Labs

Classical Attacks

• Buffer-Overflow Attack
• Return-to-libc Attack
• Format-String Attack
• Race Condition Attack
• SQL Injection Attack
• Cross-Site Request Forgery
• Samy Worm (XSS)
• ClickJacking Attack
• Android Rooting Attack
• Android Repackaging Attack

• Packet sniffing and spoofing
• ARP Cache Poisoning Attack
• IP/ICMP Attacks
• TCP Attacks
• Mitnick Attack (TCP attack)
• Kaminsky Attack (DNS attack)
• BGP Attacks
• Hash Length Extension Attack
• Attacks on Encryption

Recent Attacks

• Dirty COW Attack
• Meltdown Attack
• Spectre Attack
• Shellshock Attack
• Heartbleed Attack
• MD5 Collision Attack
• Attacks on IoT

Exploration Labs

Under Development

• Container & Docker
• Bitcoin & Blockchain

New

• DNS-in-a-Box Lab
• BGP Labs

Existing

• Set-UID program Lab
• Firewall Exploration Lab
• Secret-Key Encryption Lab
• Public-Key Encryption Lab
• PKI Lab, TLS Programming Lab
• Shellcode Lab

Objective: Explore how security mechanisms work

Design and Implementation Labs

• VPN Lab
• Firewall Lab

Open Source

GitHub: https://github.com/seed-labs

Instructor Manual: Send me email (wedu@syr.edu)

Related Projects

Textbook

• Adopted by 192 institutes worldwide

• Self-published in 2019

https://www.handsonsecurity.net/

Videos

https://www.handsonsecurity.net/video.html

Course Enrollment

Workshops

• 2015: 60 faculties
• 2016: 70 faculties
• 2017: 70 faculties
• 2018: 80 faculties
• 2019: 90 faculties
• 2020: 120 faculties

2021 Workshops

June – August

• Free, Online (Zoom)
• Instructors only
• 10 weeks: 3 hours/week
• Cover 2-3 labs each week

https://seedsecuritylabs.org/workshops/

Current Work: Internet Emulator

• BGP Attack Lab
• Botnet Lab
• Darknet Lab
• Morris Worm Lab
• SDN Security Lab
• etc.

Thank You!

Questions?